VYPR
Unrated severity · NVD Advisory · Published Jul 10, 2019 · Updated Aug 5, 2024

CVE-2018-19574

Description

GitLab CE/EE, versions 7.6 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an XSS vulnerability in the OAuth authorization page.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

GitLab CE/EE before 11.3.11, 11.4.8, and 11.5.1 are vulnerable to cross-site scripting on the OAuth authorization page because the scheme of an OAuth application's redirect URI is not validated, so javascript: and data: URIs are accepted.

Vulnerability

GitLab CE/EE versions 7.6 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1 are vulnerable to XSS in the OAuth authorization page [1]. The redirect_uri of an OAuth application is not validated by scheme, so an application owner can register a URI with an arbitrary protocol, including javascript: and data: [1]. Because the authorization page links to that URI, the unvalidated scheme becomes a script-execution primitive in the GitLab origin.

Exploitation

An attacker registers an OAuth application with a malicious redirect URI such as javascript://%0aalert(document.domain) and then tricks a victim into visiting a crafted authorization URL of the form /oauth/authorize?client_id=APP_ID&redirect_uri=...&response_type=code&state=A, where client_id is the attacker's application and redirect_uri matches the registered value [1]. The authorization page renders the application name as a link to that redirect URI, so the victim must click the application name for the javascript: URI to execute; the attack is not zero-click [1].

Impact

Successful exploitation allows an attacker to execute arbitrary JavaScript in the victim's browser in the context of the GitLab domain, leading to potential information disclosure, session hijacking, or actions performed on behalf of the victim [1].

Mitigation

GitLab addressed this issue by rejecting the data, vbscript, and javascript protocols during redirect URI validation [1]. Users should upgrade to 11.3.11, 11.4.8, or 11.5.1 or later [1]. There is no known workaround besides upgrading.
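The following Ruby example, added here and not taken from GitLab or Doorkeeper, shows the check the Exploitation and Mitigation sections describe: a weak check that only compares the requested redirect_uri with the registered one (which the attacker controls, so the javascript: PoC passes), beside a hardened check that additionally parses the URI and refuses the javascript, data and vbscript schemes named in the advisory. Function names, the scheme denylist, the sample URIs and the host names are assumptions constructed for the example.

```ruby
require "uri"

# Schemes the authorization page must never render as a clickable link.
# The advisory names these three; the constant itself is a constructed example.
FORBIDDEN_SCHEMES = %w[javascript data vbscript].freeze

# Weak check (hypothetical "before"): the requested redirect_uri only has to
# equal the URI the application registered. The attacker owns the application,
# so javascript://... passes untouched.
def weak_redirect_uri_ok?(registered, requested)
  registered == requested
end

# Hardened check (illustrative, not GitLab's or Doorkeeper's code): still
# require an exact match, then parse the URI and reject anything without an
# absolute scheme, any forbidden scheme (matched case-insensitively), and any
# fragment component (RFC 6749 section 3.1.2 forbids fragments in redirect URIs).
def safe_redirect_uri_ok?(registered, requested)
  return false unless registered == requested

  uri = URI.parse(requested)
  scheme = uri.scheme.to_s.downcase
  return false if scheme.empty?
  return false if FORBIDDEN_SCHEMES.include?(scheme)
  return false unless uri.fragment.nil?

  true
rescue URI::InvalidURIError
  # Anything the RFC 3986 parser rejects (embedded spaces, control bytes)
  # is not a URI we are willing to link to.
  false
end

# Constructed sample inputs: the PoC from the advisory, a data: payload,
# an upper-cased scheme, a normal HTTPS callback, a custom scheme of the kind
# native clients use, and a callback with a fragment. Values are the expected
# verdict of the hardened check.
SAMPLES = {
  "javascript://%0aalert(document.domain)" => false,
  "data:text/html,%3Cscript%3Ealert(1)%3C/script%3E" => false,
  "JAVASCRIPT:alert(1)" => false,
  "https://app.example/oauth/callback" => true,
  "myapp://oauth/callback" => true,
  "https://app.example/oauth/callback#frag" => false,
}.freeze

# Runs both checks over every sample (registered == requested, i.e. the
# attacker registered exactly what is later requested) and returns the verdicts.
def compare_checks
  SAMPLES.keys.to_h do |u|
    [u, { weak: weak_redirect_uri_ok?(u, u), safe: safe_redirect_uri_ok?(u, u) }]
  end
end

if __FILE__ == $PROGRAM_NAME
  compare_checks.each do |u, v|
    puts format("%-52s weak=%-5s safe=%s", u, v[:weak], v[:safe])
  end
end
```

The denylist mirrors the fix the advisory describes. An allowlist of http, https and explicitly registered custom schemes would be stricter, but it breaks native clients that rely on private schemes, which is why a scheme denylist plus exact-match comparison is the usual compromise; whichever is chosen, the scheme comparison must be case-insensitive and the check must run both when the application is registered and when /oauth/authorize is requested.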

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2
  • GitLab / GitLab CE/EE (source: description)
  • GitLab Inc. / CE/EE (source: llm-create)
    Range: >=7.6, <11.3.11; >=11.4, <11.4.8; >=11.5, <11.5.1

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

News mentions

0

No linked articles in our index yet.